Release Directory File System Registry Settings (Windows Embedded CE 6.0)
1/6/2010
The Release Directory File System Driver (Relfsd) was created for development environments. Relfsd mounts the release directory on the development workstation to '\release' on the device, so that any I/O operations to the '\release' directory are routed to the 'release' directory on the development workstation.
In development environments, if the LoadLibrary function cannot find an executable module on the device, it searches for the module in the directories specified by a registry setting. By default, the directory is set to \release for development images.
The release file system must be auto-loaded. The registry settings for auto-loading the release file system in Storage Manager are located under the HKEY_LOCAL_MACHINE\System\StorageManager\AutoLoad\Relfsd registry key.
The following table shows the named values for the Relfsd registry key.
Value: type | Description |
---|---|
LoadFlags: REG_DWORD | Controls how the file system is loaded. |
BootPhase: REG_DWORD | Controls the boot phase during which the file system is loaded. |
Mount: REG_SZ | Specifies the directory where relfsd mounts the _FLATRELEASEDIR. If the OS image includes the Windows Embedded CE shell, the kernel loader automatically loads any modules from '\release' that are not found on the device. Production images that include relfsd but not the shell should mount to a directory other than '\release'. |
Secure: REG_DWORD | Determines access to release directory files. |
The following example shows default values for the Relfsd registry key if the shell is included in the run-time image.
[HKEY_LOCAL_MACHINE\System\StorageManager\AutoLoad\Relfsd]
"Dll"="relfsd.dll"
"Paging"=dword:0
"LoadFlags"=dword:1
; @CESYSGEN IF CE_MODULES_SHELL
"mount"="Release"
"secure"=dword:0
Security recommendations
Security issues can arise when Relfsd is implemented without the shell, that is, when the shell is not included in the run-time image. The issue occurs because the kernel loader, LoadLibrary, automatically loads any modules not found on the device from the '\release' directory. If the system path specifies the same directory that the \release directory is mounted to, the kernel automatically loads any DLL in the \release directory that is not found on the device. In this way, arbitrary code might be executed on the device.
Although these issues occur when the shell is not included in the run-time image, security guidelines for Relfsd should be followed whenever Relfsd is present in a production image.
The following list shows guidelines to follow when the run-time image does not include the shell.
Mount Relfsd to a directory other than the system path.
Set the secure value of the Relfsd registry key to 1 for restricted access.
The following example shows registry settings for using Release File System when the shell is not included in the run-time image.
[HKEY_LOCAL_MACHINE\System\StorageManager\AutoLoad\Relfsd]
"Dll"="relfsd.dll"
"Paging"=dword:0
"LoadFlags"=dword:1
"secure"=dword:1
;
;[HKEY_LOCAL_MACHINE\Loader]\SystemPath should **NOT** have the
;'mount' dir specified below
"mount"="Desktop"
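The two guidelines above can be checked at build time against the image's registry file. The following Python script is an added example, not part of the original documentation or the Windows Embedded CE tools; the sample registry text is constructed, and the multi_sz syntax used for the Loader SystemPath value is an assumption about how that value appears in the file.

```python
import re

# Constructed sample in the .reg style shown on this page; the multi_sz
# form of SystemPath is an assumption, not taken from the page.
SAMPLE_REG = r'''
[HKEY_LOCAL_MACHINE\System\StorageManager\AutoLoad\Relfsd]
"secure"=dword:0
"mount"="Release"
[HKEY_LOCAL_MACHINE\Loader]
"SystemPath"=multi_sz:"\\Release\\","\\Windows\\"
'''

RELFSD_KEY = r"HKEY_LOCAL_MACHINE\System\StorageManager\AutoLoad\Relfsd".lower()
LOADER_KEY = r"HKEY_LOCAL_MACHINE\Loader".lower()

def parse_reg(text):
    """Return {key: {value_name: raw_data}}; key and value names lower-cased."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()  # ';' comment lines match neither branch below
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := re.match(r'"([^"]+)"\s*=\s*(.*)$', line)):
            current[m.group(1).lower()] = m.group(2).strip()
    return keys

def norm_dir(path):
    # Unescape doubled backslashes, drop leading/trailing ones, lower-case.
    return path.replace("\\\\", "\\").strip("\\").lower()

def audit_relfsd(text):
    """Return findings against the two guidelines; an empty list means compliant."""
    keys = parse_reg(text)
    relfsd = keys.get(RELFSD_KEY)
    if relfsd is None:
        return []  # Relfsd is not auto-loaded, nothing to check
    findings = []
    mount = norm_dir(relfsd.get("mount", "").strip('"'))
    raw_path = keys.get(LOADER_KEY, {}).get("systempath", "")
    system_path = {norm_dir(p) for p in re.findall(r'"((?:[^"\\]|\\.)*)"', raw_path)}
    if mount in system_path:
        findings.append("mount directory '%s' is listed in Loader SystemPath" % mount)
    if mount == "release":
        findings.append("mount directory is the default 'release'")
    if not re.fullmatch(r"dword:0*1", relfsd.get("secure", ""), re.I):
        findings.append("secure is not set to 1")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_relfsd(SAMPLE_REG)) or "Relfsd settings follow the guidelines")
```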